Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-5946. PoCs published by Rake.
AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in PHP-Fusion 4.01 by injecting a UNION-based query to extract user credentials from the database. The attack leverages unsanitized input in the 'news_id' parameter to manipulate the SQL query.
Description
SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
Exploits (1)
This exploit demonstrates an SQL injection vulnerability in PHP-Fusion 4.01 by injecting a UNION-based query to extract user credentials from the database. The attack leverages unsanitized input in the 'news_id' parameter to manipulate the SQL query.